Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-39828 (GCVE-0-2026-39828)
Vulnerability from cvelistv5 – Published: 2026-05-22 02:31 – Updated: 2026-07-10 12:05| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/crypto | golang.org/x/crypto/ssh |
Affected:
0 , < 0.52.0
(semver)
|
|
| Red Hat | RHEM 1.0 for RHEL 9 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | DevWorkspace Operator 0.42 |
cpe:/a:redhat:devworkspace:0.42::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.11 |
cpe:/a:redhat:advanced_cluster_security:4.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.4 |
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.4 |
cpe:/a:redhat:trusted_artifact_signer:1.4::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
cpe:/a:redhat:multicluster_engine:2.6::el8 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat Ceph Storage 9 |
cpe:/a:redhat:ceph_storage:9 |
|
| Red Hat | Red Hat Edge Manager 1 |
cpe:/a:redhat:edge_manager:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Trusted Artifact Signer |
cpe:/a:redhat:trusted_artifact_signer:1 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-39828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T17:43:55.428395Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T17:44:19.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "RHEM 1.0 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace:0.42::el9"
],
"defaultStatus": "affected",
"product": "DevWorkspace Operator 0.42",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.11::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.7.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:9"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-22T02:31:26.883Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T12:05:42.948Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"name": "RHBZ#2480687",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37387"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37278"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37286"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37296"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:36808: DevWorkspace Operator 0.42"
},
{
"lang": "en",
"value": "RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"lang": "en",
"value": "RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
},
{
"lang": "en",
"value": "RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"
},
{
"lang": "en",
"value": "RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37272: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37278: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37286: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37296: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:36105: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:36167: multicluster engine for Kubernetes 2.6"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-22T04:01:46.775Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-22T02:31:26.883Z",
"value": "Made public."
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/crypto/ssh",
"product": "golang.org/x/crypto/ssh",
"programRoutines": [
{
"name": "connection.serverAuthenticate"
},
{
"name": "NewServerConn"
}
],
"vendor": "golang.org/x/crypto",
"versions": [
{
"lessThan": "0.52.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NCC Group Cryptography Services, sponsored by Teleport"
}
],
"descriptions": [
{
"lang": "en",
"value": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-863: Incorrect Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T02:31:26.883Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/79562"
},
{
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"url": "https://go.dev/cl/781621"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"title": "Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-39828",
"datePublished": "2026-05-22T02:31:26.883Z",
"dateReserved": "2026-04-07T18:13:03.528Z",
"dateUpdated": "2026-07-10T12:05:42.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-39828",
"date": "2026-07-10",
"epss": "0.00314",
"percentile": "0.23316"
},
"microsoft_vex": {
"current_release_date": "2026-07-06T14:41:43.000Z",
"cve": "CVE-2026-39828",
"id": "msrc_CVE-2026-39828",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"product_status:fixed": "10",
"product_status:known_affected": "17",
"product_status:known_not_affected": "2",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-39828.json",
"version": "9"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-39828\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-05-22T04:16:22.190\",\"lastModified\":\"2026-07-10T12:16:44.713\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/crypto\",\"product\":\"golang.org/x/crypto/ssh\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/crypto/ssh\",\"programRoutines\":[{\"name\":\"connection.serverAuthenticate\"},{\"name\":\"NewServerConn\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.52.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.0 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"DevWorkspace Operator 0.42\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace:0.42::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.7.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-22T17:43:55.428395Z\",\"id\":\"CVE-2026-39828\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.52.0\",\"matchCriteriaId\":\"D540395B-31B8-4B07-8F79-F5C631BBD5C8\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/781621\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://go.dev/issue/79562\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-5014\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26546\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26547\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36105\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36167\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36207\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36319\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36625\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36648\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36796\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36797\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36808\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37268\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37271\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37272\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37278\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37286\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37296\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37387\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-39828\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2480687\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-07-10T16:26:07+00:00",
"cve": "CVE-2026-39828",
"id": "CVE-2026-39828",
"initial_release_date": "2026-05-22T02:31:26.883000+00:00",
"product_status:fixed": "241",
"product_status:known_affected": "163",
"product_status:known_not_affected": "395",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.0 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace:0.42::el9\"], \"vendor\": \"Red Hat\", \"product\": \"DevWorkspace Operator 0.42\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.7.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-22T04:01:46.775Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-22T02:31:26.883Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:36796: RHEM 1.0 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36808: DevWorkspace Operator 0.42\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36651: Red Hat Edge Manager 1.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37272: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37278: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37286: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37296: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36105: multicluster engine for Kubernetes 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36167: multicluster engine for Kubernetes 2.6\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-22T02:31:26.883Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-39828\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2480687\", \"name\": \"RHBZ#2480687\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36808\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26547\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36625\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36207\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26546\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36319\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36648\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37387\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36797\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37271\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37268\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37272\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37278\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37286\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37296\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36105\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-10T12:05:42.948Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-39828\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-22T17:43:55.428395Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-22T17:44:14.299Z\"}}], \"cna\": {\"title\": \"Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh\", \"credits\": [{\"lang\": \"en\", \"value\": \"NCC Group Cryptography Services, sponsored by Teleport\"}], \"affected\": [{\"vendor\": \"golang.org/x/crypto\", \"product\": \"golang.org/x/crypto/ssh\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.52.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/crypto/ssh\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"connection.serverAuthenticate\"}, {\"name\": \"NewServerConn\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/79562\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\"}, {\"url\": \"https://go.dev/cl/781621\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-5014\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-05-22T02:31:26.883Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-39828\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-10T12:05:42.948Z\", \"dateReserved\": \"2026-04-07T18:13:03.528Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-05-22T02:31:26.883Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:20833-1
Vulnerability from csaf_opensuse - Published: 2026-05-28 13:15 - Updated: 2026-05-28 13:15| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for trivy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for trivy fixes the following issues:\n\nChanges in trivy:\n\n- update x/crypto to 0.52.0 (bsc#1266075, CVE-2026-39827,\n CVE-2026-39834,CVE-2026-39828,CVE-2026-39829,CVE-2026-39831,\n CVE-2026-42508,CVE-2026-39833,CVE-2026-39830,CVE-2026-39832,\n CVE-2026-46597,CVE-2026-46598,CVE-2026-46595,CVE-2026-39835)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-272",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20833-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1265648",
"url": "https://bugzilla.suse.com/1265648"
},
{
"category": "self",
"summary": "SUSE Bug 1266075",
"url": "https://bugzilla.suse.com/1266075"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for trivy",
"tracking": {
"current_release_date": "2026-05-28T13:15:28Z",
"generator": {
"date": "2026-05-28T13:15:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20833-1",
"initial_release_date": "2026-05-28T13:15:28Z",
"revision_history": [
{
"date": "2026-05-28T13:15:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-bp160.3.1.aarch64",
"product": {
"name": "trivy-0.70.0-bp160.3.1.aarch64",
"product_id": "trivy-0.70.0-bp160.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-bp160.3.1.ppc64le",
"product": {
"name": "trivy-0.70.0-bp160.3.1.ppc64le",
"product_id": "trivy-0.70.0-bp160.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-bp160.3.1.s390x",
"product": {
"name": "trivy-0.70.0-bp160.3.1.s390x",
"product_id": "trivy-0.70.0-bp160.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-bp160.3.1.x86_64",
"product": {
"name": "trivy-0.70.0-bp160.3.1.x86_64",
"product_id": "trivy-0.70.0-bp160.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-bp160.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64"
},
"product_reference": "trivy-0.70.0-bp160.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-bp160.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le"
},
"product_reference": "trivy-0.70.0-bp160.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-bp160.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x"
},
"product_reference": "trivy-0.70.0-bp160.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-bp160.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
},
"product_reference": "trivy-0.70.0-bp160.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.aarch64",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.s390x",
"openSUSE Leap 16.0:trivy-0.70.0-bp160.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T13:15:28Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
OPENSUSE-SU-2026:20834-1
Vulnerability from csaf_opensuse - Published: 2026-05-28 12:23 - Updated: 2026-05-28 12:23| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apptainer",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apptainer fixes the following issues:\n\nChanges in apptainer:\n\n- Fix CVE-2026-39827, CVE-2026-39834, CVE-2026-39828, CVE-2026-39829,\n CVE-2026-39831, CVE-2026-42508, CVE-2026-39833, CVE-2026-39830,\n CVE-2026-39832, CVE-2026-46597, CVE-2026-46598, CVE-2026-46595,\n CVE-2026-39835 (bsc#1266202)\n Update golang.org/x/crypto to v0.52.0\n\n- Fix CVE-2026-33814 GO-2026-4918 (bsc#1265844)\n Update golang.org/x/net to version v0.53.0\n- Integrate vulnchecker into %check stage (optional).\n\n- Sync with Factory version which also fixes CVE-2024-45310\n tracked in bsc#1257432\n- Readded SLE-15SP6.def as it was removed from Factory\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-273",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20834-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1257432",
"url": "https://bugzilla.suse.com/1257432"
},
{
"category": "self",
"summary": "SUSE Bug 1265844",
"url": "https://bugzilla.suse.com/1265844"
},
{
"category": "self",
"summary": "SUSE Bug 1266202",
"url": "https://bugzilla.suse.com/1266202"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45310 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for apptainer",
"tracking": {
"current_release_date": "2026-05-28T12:23:45Z",
"generator": {
"date": "2026-05-28T12:23:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20834-1",
"initial_release_date": "2026-05-28T12:23:45Z",
"revision_history": [
{
"date": "2026-05-28T12:23:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-bp160.2.1.noarch",
"product": {
"name": "apptainer-leap-1.4.5-bp160.2.1.noarch",
"product_id": "apptainer-leap-1.4.5-bp160.2.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-bp160.2.1.x86_64",
"product": {
"name": "apptainer-1.4.5-bp160.2.1.x86_64",
"product_id": "apptainer-1.4.5-bp160.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-bp160.2.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64"
},
"product_reference": "apptainer-1.4.5-bp160.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-bp160.2.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
},
"product_reference": "apptainer-leap-1.4.5-bp160.2.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45310"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with `os.MkdirAll`. While this could be used to create empty files, existing files would not be truncated. An attacker must have the ability to start containers using some kind of custom volume configuration. Containers using user namespaces are still affected, but the scope of places an attacker can create inodes can be significantly reduced. Sufficiently strict LSM policies (SELinux/Apparmor) can also in principle block this attack -- we suspect the industry standard SELinux policy may restrict this attack\u0027s scope but the exact scope of protection hasn\u0027t been analysed. This is exploitable using runc directly as well as through Docker and Kubernetes. The issue is fixed in runc v1.1.14 and v1.2.0-rc3.\n\nSome workarounds are available. Using user namespaces restricts this attack fairly significantly such that the attacker can only create inodes in directories that the remapped root user/group has write access to. Unless the root user is remapped to an actual\nuser on the host (such as with rootless containers that don\u0027t use `/etc/sub[ug]id`), this in practice means that an attacker would only be able to create inodes in world-writable directories. A strict enough SELinux or AppArmor policy could in principle also restrict the scope if a specific label is applied to the runc runtime, though neither the extent to which the standard existing policies block this attack nor what exact policies are needed to sufficiently restrict this attack have been thoroughly tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45310",
"url": "https://www.suse.com/security/cve/CVE-2024-45310"
},
{
"category": "external",
"summary": "SUSE Bug 1230092 for CVE-2024-45310",
"url": "https://bugzilla.suse.com/1230092"
},
{
"category": "external",
"summary": "SUSE Bug 1257413 for CVE-2024-45310",
"url": "https://bugzilla.suse.com/1257413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "low"
}
],
"title": "CVE-2024-45310"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:apptainer-1.4.5-bp160.2.1.x86_64",
"openSUSE Leap 16.0:apptainer-leap-1.4.5-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:23:45Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
OPENSUSE-SU-2026:20838-1
Vulnerability from csaf_opensuse - Published: 2026-05-28 12:22 - Updated: 2026-05-28 12:22| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for hauler",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for hauler fixes the following issues:\n\nChanges in hauler:\n\n- update x/crypto to 0.52.0 (bsc#1266167, CVE-2026-39827,\n CVE-2026-39834,CVE-2026-39828,CVE-2026-39829,CVE-2026-39831,\n CVE-2026-42508,CVE-2026-39833,CVE-2026-39830,CVE-2026-39832,\n CVE-2026-46597,CVE-2026-46598,CVE-2026-46595,CVE-2026-39835)\n\n- update x/net to v0.53.0 to address CVE-2026-33814 (bsc#1265765)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-277",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20838-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1265765",
"url": "https://bugzilla.suse.com/1265765"
},
{
"category": "self",
"summary": "SUSE Bug 1266167",
"url": "https://bugzilla.suse.com/1266167"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for hauler",
"tracking": {
"current_release_date": "2026-05-28T12:22:48Z",
"generator": {
"date": "2026-05-28T12:22:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20838-1",
"initial_release_date": "2026-05-28T12:22:48Z",
"revision_history": [
{
"date": "2026-05-28T12:22:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.4.3-bp160.2.1.aarch64",
"product": {
"name": "hauler-1.4.3-bp160.2.1.aarch64",
"product_id": "hauler-1.4.3-bp160.2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.4.3-bp160.2.1.x86_64",
"product": {
"name": "hauler-1.4.3-bp160.2.1.x86_64",
"product_id": "hauler-1.4.3-bp160.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.4.3-bp160.2.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64"
},
"product_reference": "hauler-1.4.3-bp160.2.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.4.3-bp160.2.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
},
"product_reference": "hauler-1.4.3-bp160.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.aarch64",
"openSUSE Leap 16.0:hauler-1.4.3-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:22:48Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
OPENSUSE-SU-2026:21210-1
Vulnerability from csaf_opensuse - Published: 2026-07-02 09:47 - Updated: 2026-07-02 09:47| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for google-osconfig-agent",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for google-osconfig-agent fixes the following issues\n\n- CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers.\n- CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents\n (bsc#1251453).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251704).\n- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-\n header (bsc#1260264).\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265762).\n- CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of\n service (bsc#1262926).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266603).\n- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh\n (bsc#1266171).\n- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh\n (bsc#1266171).\n- CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent\n (bsc#1266171).\n- CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266171).\n- CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts\n (bsc#1266171).\n- CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh\n (bsc#1266171).\n- CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266171).\n- CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266171).\n- CVE-2026-41506: github.com/go-git/go-git/v5: HTTP authentication credential leak when following redirects during\n smart-HTTP clone and fetch operations (bsc#1264923).\n\nChanges for google-osconfig-agent:\n\n- Update to version 20260615.01\n * Upgrade golang.org/x/crypto \u0026 golang.org/x/net (#1006)\n- from version 20260615.00\n * Add unit tests for ospatch_apt_upgrade.go (#938)\n- Update to version 20260611.00\n * Add unit tests for policies/policies.go PART 5 (#998)\n- from version 20260610.00\n * Add unit tests for policies/policies.go PART 4 (#997)\n- from version 20260609.02\n * squash commits (#936)\n- from version 20260609.01\n * Add unit tests for policies/policies.go PART 3 (#996)\n- from version 20260609.00\n * Add unit tests for policies/policies.go PART 2 (#991)\n- from version 20260602.01\n * Align format of dates and timestamp collected across Windows packages (#973)\n- from version 20260602.00\n * Add unit tests for config/config,go (#979)\n- from version 20260528.00\n * Bump github.com/containerd/containerd (#990)\n- from version 20260521.00\n * Cover agentconfig functionality by unit tests (#925)\n- from version 20260520.04\n * Add unit tests for policies/googet.go (#961)\n * Bump github.com/go-git/go-git/v5 (#987)\n- from version 20260520.02\n * Add unit tests for policies/yum.go (#952)\n * Add unit tests for policies/apt.go PART 3 (#951)\n- from version 20260520.00\n * Add unit tests for policies/zypper.go (#953)\n- from version 20260519.00\n * Add unit tests for policies/policies.go PART 1 (#949)\n- from version 20260513.01\n * Bump github.com/go-git/go-git/v5 (#981), this also updates\n golang.org/x/net to v0.53.0 (bsc#1265762, CVE-2026-33814)\n- from version 20260513.00\n * upgrade a few packages (#980)\n- from version 20260512.02\n * Add/improve unit tests for agentendpoint/exec_task.go (#933)\n- from version 20260512.01\n * Cover google_update.go by unit tests (#941)\n- from version 20260512.00\n * Change zone for arm64 builds because of stockout (#978)\n- Update to version 20260511.00\n * switch to t2a-standard-2 on ARM package build (#977)\n- from version 20260505.03\n * Cover zypper_patch by unit tests (#958)\n- from version 20260505.02\n * Remove unused functions DisableAutoUpdates (#970)\n- from version 20260505.01\n * Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc (#966)\n- from version 20260505.00\n * Upgrade a few dependencies across the repo (#968)\n + github.com/go-git/go-git/v5 5.16.2-\u003e5.18.0 (bsc#1264923, CVE-2026-41506)\n + github.com/go-jose/go-jose/v4 4.1.3-\u003e4.1.4 (bsc#1262926, CVE-2026-34986)\n + github.com/go-viper/mapstructure/v2 2.3.0-\u003e2.4.0\n + go.opentelemetry.io/otel 1.40.0-\u003e1.41.0\n + go.opentelemetry.io/otel/sdk 1.39.0-\u003e1.43.0\n- from version 20260504.01\n * bump github.com/docker/cli to 29.2.0 (#962)\n- from version 20260504.00\n * Bump github.com/opencontainers/selinux (#960)\n- Update to version 20260428.00\n * Add/improve unit tests for agentendpoint/agentendpoint.go (#930)\n- from version 20260427.03\n * Cover config/file.go by unit tests (#935)\n- from version 20260422.01\n * Cover patch_linux.go by unit tests (#932)\n- from version 20260422.00\n * upgrade grpc package in main package and e2e tests (#959)\n (bsc#1260264, CVE-2026-33186)\n- from version 20260417.04\n * Bump OSV-Scalibr version to v0.4.3 (#956)\n- from version 20260417.03\n * Add unit tests for updates_linux.go (#937)\n- from version 20260417.02\n * Add zone to CreateDisk step (#955)\n- from version 20260417.01\n * Change disk type for deb11 (#954)\n- from version 20260417.00\n * Add unit tests for policies/apt.go PART 1 (#950)\n- from version 20260410.02\n * Add unit tests for packages/pty_linux.go (#943)\n- from version 20260410.01\n * fix disk type for arm workflows (#948)\n- from version 20260410.00\n * Change machine type for arm based workflows (#946)\n- Update to version 20260330.00\n * bump timeouts for all workflows (#940)\n- from version 20260326.00\n * Cover exec_resource.go by unit tests (#934)\n- from version 20260318.00\n * Integrate OSConfig agent with ReportVmInventory (#923)\n- from version 20260313.02\n * remove cacheonly flag from yum upgrade (#924)\n- from version 20260313.01\n * conditions python version override (#927)\n- from version 20260313.00\n * Fix presubmits by explicitly set python version for rpm based systems (#926)\n- from version 20260311.00\n * Bump osconfig version (#922)\n- from version 20260309.02\n * Extend OSV scalibr extractor (#921)\n- from version 20260309.01\n * upgrade golang.org/x/crypto and it\u0027s transitive deps (#918)\n- from version 20260309.00\n * Add purl to pkg info (#920)\n- from version 20260306.00\n * Add \u0027Type\u0027 field to PkgInfo (#919)\n- from version 20260303.01\n * Upgrade go.opentelemetry.io/otel/sdk (#913)\n- from version 20260303.00\n * Bump github.com/vbatts/tar-split from 0.11.5 to 0.12.2 (#908)\n- from version 20260302.00\n * Bump github.com/spdx/tools-golang from 0.5.3 to 0.5.7 (#906)\n- from version 20260126.00\n * Bump go.opentelemetry.io/otel/sdk from 1.38.0 to 1.39.0 (#905)\n * Bump github.com/sirupsen/logrus (#894)\n- Update to version 20260119.00\n * Bump cloud.google.com/go/storage from 1.56.0 to 1.58.0 (#899)\n- Update to version 20251230.00\n * chore: Migrate gsutil usage to gcloud storage (#904)\n- from version 20251223.00\n * fix e2e tests for report inventory (#903)\n- from version 20251222.01\n * Revert \"Bump cloud.google.com/go/longrunning from 0.6.3 to 0.7.0 (#882)\" (#902)\n- from version 20251222.00\n * Bump golang to the new version (#900)\n- from version 20251218.00\n * add new CODEOWNERS (#901)\n- from version 20251217.00\n * Bump cloud.google.com/go/longrunning from 0.6.3 to 0.7.0 (#882)\n- Bump the golang compiler version to 1.24.5\n- Update to version 20251202.00\n * Revert \"Bump github.com/spdx/tools-golang from 0.5.3 to 0.5.5 (#887)\" (#893)\n- Update to version 20251201.00\n * Revert \"Bump github.com/containerd/containerd (#890)\" (#892)\n- Update to version 20251126.00\n * Bump github.com/containerd/containerd (#890)\n * Bump github.com/spdx/tools-golang from 0.5.3 to 0.5.5 (#887)\n- Update to version 20251028.00\n * Bump go.opentelemetry.io/otel/sdk/metric from 1.35.0 to 1.38.0 (#886)\n * Bump github.com/tidwall/pretty from 1.2.0 to 1.2.1 (#880)\n- from version 20251023.02\n * Create multiple_os.yaml (#883)\n- from version 20251023.00\n * Bump github.com/docker/go-connections from 0.4.0 to 0.6.0 (#877)\n * Add test runner for e2e tests (#876)\n- Update to version 20250925.00\n * Bump cloud.google.com/go/auth/oauth2adapt from 0.2.7 to 0.2.8 (#870)\n * Bump google.golang.org/protobuf from 1.36.6 to 1.36.9 (#874)\n * Bump go.opentelemetry.io/otel from 1.35.0 to 1.38.0 (#872)\n * Bump github.com/golang/glog from 1.2.4 to 1.2.5 (#830)\n- Update to version 20250902.01\n * Bump github.com/googleapis/enterprise-certificate-proxy (#829)\n- from version 20250902.00\n * update github.com/go-jose/go-jose/v4 (#869)\n * Upgrade scalibr and other deps (#866)\n- from version 20250901.00\n * Fix possibility of path traversal for zip and tar archival (#868)\n- from version 20250825.00\n * set CODEOWNERS file as required by org (#863)\n- from version 20250819.00\n * Fix/rhel10 build centos image (#860)\n- from version 20250814.00\n * Fix/rhel10 build image (#859)\n- from version 20250813.00\n * Fix: Add RHEL 10 support to RPM startup script (#858)\n- from version 20250811.00\n * Remove old/sles-15-sp4-sap as image is deprecated (#857)\n- Update to version 20250806.00\n * Fixed JSON identifier for the universe domain (#855)\n- from version 20250729.00\n * Bump github.com/google/s2a-go from 0.1.8 to 0.1.9 (#828)\n- from version 20250725.02\n * Update utils.go (#854)\n * Upgrade golang.org/x/oauth2 package to the latest. (#853)\n * Bump golang.org/x/time from 0.9.0 to 0.12.0 (#839)\n- from version 20250725.01\n * Bump golang.org/x/oauth2 (#848)\n * Port fix for debian 11 to goo package manager. (#852)\n- from version 20250725.00\n * Update Golang version in common.sh and skip backports\n repo for debian 11 (#850)\n- from version 20250723.01\n * Add workflows to build package for el10 (#849)\n- from version 20250721.00\n * Make OS Config agent TPC aware (#846)\n- from version 20250718.00\n * Create workflows for new Debian 13. (#847)\n- Update to version 20250703.00\n * Fix sles images (#844)\n- from version 20250702.00\n * Remove rhel-sap 8-4 add rhel-sap 8-10 (#843)\n- from version 20250701.00\n * Bump the go_modules group across 1 directory with 2 updates (#840)\n- Update to version 20250606.00\n * Change base docker images Google\u0027s official base images. (#838)\n- Update to version 20250523.01\n * Add a simple no-op OS policy for user testing (#837)\n- from version 20250523.00\n * Introduce scalibr inventory extractor for dpkg/rpm/cos\n os/filesystem extractors (linux) (#834)\n * Trace GetInstalledPackages memory levels (#835)\n- from version 20250520.00\n- Update to version 20250513.00\n * Fix rpm extractor, handle (none) value correctly. (#833)\n- from version 20250512.01\n * Bump github.com/envoyproxy/go-control-plane from 0.13.1 to 0.13.4 (#816)\n- from version 20250512.00\n * Bump golang.org/x/net from 0.39.0 to 0.40.0 (#819)\n- from version 20250508.01\n * cosmetic refactoring to osinfo package (#826)\n- from version 20250508.00\n * Refactor /inventory with dependency injection (#825)\n * Add debian, ubuntu (InstalledDebPackages) snapshots (#821)\n * cover packages_linux.go file with tests (#824)\n * Add debian (10,11,12) GetPackageUpdates output snapshots (#822)\n- from version 20250507.00\n * Add InstalledRPMPackages snapshot tests (#823)\n- from version 20250506.02\n * Yum tests: simplify initialization of exit errors (#820)\n- from version 20250506.01\n * Improve test coverage for gem package manager (#818)\n- from version 20250506.00\n * after go/x/crypto update 0.32.0 -\u003e 0.37.0 (#817)\n- from version 20250505.01\n * Improve packages package coverage (#814)\n * Bump golang.org/x/net from 0.34.0 to 0.39.0 (#807)\n- from version 20250505.00\n * Bump golang.org/x/crypto from 0.32.0 to 0.37.0 (#806)\n- from version 20250430.00\n * Snapshot YumUpdates (GetPackageUpdates) output (#813)\n- from version 20250428.00\n * Snapshot ZypperPatches, ZypperUpdates (GetPackageUpdates) output\n for sles 12, 15 testdata (#812)\n- from version 20250423.00\n * Introduce MatchSnapshot large test results matcher function, snapshot\n apt-deb GetPackageUpdates (#811)\n- from version 20250416.02\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-1136",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_21210-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1210938",
"url": "https://bugzilla.suse.com/1210938"
},
{
"category": "self",
"summary": "SUSE Bug 1251453",
"url": "https://bugzilla.suse.com/1251453"
},
{
"category": "self",
"summary": "SUSE Bug 1251704",
"url": "https://bugzilla.suse.com/1251704"
},
{
"category": "self",
"summary": "SUSE Bug 1260264",
"url": "https://bugzilla.suse.com/1260264"
},
{
"category": "self",
"summary": "SUSE Bug 1262926",
"url": "https://bugzilla.suse.com/1262926"
},
{
"category": "self",
"summary": "SUSE Bug 1264923",
"url": "https://bugzilla.suse.com/1264923"
},
{
"category": "self",
"summary": "SUSE Bug 1265762",
"url": "https://bugzilla.suse.com/1265762"
},
{
"category": "self",
"summary": "SUSE Bug 1266171",
"url": "https://bugzilla.suse.com/1266171"
},
{
"category": "self",
"summary": "SUSE Bug 1266603",
"url": "https://bugzilla.suse.com/1266603"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41506 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for google-osconfig-agent",
"tracking": {
"current_release_date": "2026-07-02T09:47:31Z",
"generator": {
"date": "2026-07-02T09:47:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:21210-1",
"initial_release_date": "2026-07-02T09:47:31Z",
"revision_history": [
{
"date": "2026-07-02T09:47:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"product": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"product_id": "google-osconfig-agent-20260615.01-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"product": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"product_id": "google-osconfig-agent-20260615.01-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20260615.01-160000.1.1.x86_64",
"product": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.x86_64",
"product_id": "google-osconfig-agent-20260615.01-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64"
},
"product_reference": "google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le"
},
"product_reference": "google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20260615.01-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
},
"product_reference": "google-osconfig-agent-20260615.01-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
},
{
"category": "external",
"summary": "SUSE Bug 1268676 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1268676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-41506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41506"
}
],
"notes": [
{
"category": "general",
"text": "go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0 and 6.0.0-alpha.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41506",
"url": "https://www.suse.com/security/cve/CVE-2026-41506"
},
{
"category": "external",
"summary": "SUSE Bug 1264854 for CVE-2026-41506",
"url": "https://bugzilla.suse.com/1264854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "moderate"
}
],
"title": "CVE-2026-41506"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.aarch64",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.ppc64le",
"openSUSE Leap 16.0:google-osconfig-agent-20260615.01-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-02T09:47:31Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
OPENSUSE-SU-2026:21251-1
Vulnerability from csaf_opensuse - Published: 2026-07-07 17:00 - Updated: 2026-07-07 17:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpdate to version 1.17.0.\n\nSecurity issues fixed:\n\n- CVE-2026-25680: golang.org/x/net/html: parsing arbitrary HTML can consume excessive CPU time, possibly leading to\n denial of service (bsc#1267185).\n- CVE-2026-25681: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an\n unexpected HTML tree and allows for XSS (bsc#1267185).\n- CVE-2026-27136: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an\n unexpected HTML tree and allows for XSS (bsc#1267185).\n- CVE-2026-33532: yaml: parsing input with deeply nestes collections may throw a `RangeError` due to a stack overflow\n and cause to a denial of service (bsc#1260981).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266654).\n- CVE-2026-39827: golang.org/x/crypto/ssh: authenticated SSH clients that repeatedly open channels which were rejected\n by the server can cause unbounded memory growth and a crash (bsc#1266196).\n- CVE-2026-39828: golang.org/x/crypto/ssh: permissions discarded when an SSH server authentication callback returns\n `PartialSuccessError` with non-`nil` permissions (bsc#1266196).\n- CVE-2026-39829: golang.org/x/crypto/ssh: unenforced size limits on key parameters by the the RSA and DSA public key\n parsers can lead to excessive CPU consumption when processing a crafted public key (bsc#1266196).\n- CVE-2026-39830: golang.org/x/crypto/ssh: malicious SSH peers sending unsolicited global request responses can block a\n connection\u0027s read loop and cause a resource leak (bsc#1266196).\n- CVE-2026-39831: golang.org/x/crypto/ssh: missing `User Presence` flag checks in the `Verify()` method for FIDO/U2F\n security key types cause signatures generated without physical touch to be accepted (bsc#1266196).\n- CVE-2026-39832: golang.org/x/crypto/ssh: destination restrictions are silently stripped when forwarding keys and\n allow for unrestricted use of a key on a remote host (bsc#1266196).\n- CVE-2026-39833: golang.org/x/crypto/ssh: in-memory keyring returned by `NewKeyring()` silently accepts keys with the\n `ConfirmBeforeUse` constraint but never enforces it (bsc#1266196).\n- CVE-2026-39834: golang.org/x/crypto/ssh: writing data larger than 4GB in a single `Write` call on an SSH channel\n leads to an integer overflow and an infinite loop that sends empty packets (bsc#1266196).\n- CVE-2026-39835: golang.org/x/crypto/ssh: processing of certificates by SSH servers using `CertChecker` as a public\n key callback without setting `IsUserAuthority` or `IsHostAuthority` can lead to a panic (bsc#1266196).\n- CVE-2026-41889: github.com/jackc/pgx/v5/internal/sanitize: use placeholders in dollar-quoted string literals in an\n SQL query can lead to a SQL injection (bsc#1265440).\n- CVE-2026-42502: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an\n unexpected HTML tree and allows for XSS (bsc#1267185).\n- CVE-2026-42506: golang.org/x/net/html: parsing arbitrary HTML which is then rendered using Render can result in an\n unexpected HTML tree and allows for XSS (bsc#1267185).\n- CVE-2026-42508: golang.org/x/crypto/ssh: revoked `SignatureKey`s belonging to a CA are not correctly checked for\n revocation (bsc#1266196).\n- CVE-2026-44740: github.com/go-git/go-billy/v5: improper input handling in many components can lead to DoS via\n infinite loops, panics or resource consumption (bsc#1267333).\n- CVE-2026-45678: go.opentelemetry.io/obi: Postgres BIND parsing can lead to a panic when malformed payloads are\n processed (bsc#1267481).\n- CVE-2026-45682: go.opentelemetry.io/obi: keys not deleted by `CappedConcurrentHashMap` after removals allows repeated\n connection churn to grow the queue without bound and exhaust heap memory (bsc#1267485).\n- CVE-2026-45685: go.opentelemetry.io/obi: MongoDB TCP parser panics on malformed wire messages and causes a DoS\n (bsc#1267488).\n- CVE-2026-45686: go.opentelemetry.io/obi: integer overflow in memcached text protocol parser can crash the OBI process\n and cause denial of service (bsc#1267489).\n- CVE-2026-46595: golang.org/x/crypto/ssh: source-address validation is skipped if any other type of callback is passed\n other than public key (bsc#1266196).\n- CVE-2026-46597: golang.org/x/crypto/ssh: incorrectly placed cast from bytes to int in the AES-GCM packet decoder when\n processing specially crafted input can lead to for server-side panic (bsc#1266196).\n- CVE-2026-46598: golang.org/x/crypto/ssh: `ed25519.PrivateKey` created by casting malformed wire bytes due to\n processing of certain crafted inputs can lead to panic when used (bsc#1266196).\n\nOther updates and bugfixes:\n\n- Version 1.17.0:\n * Features\n * Add GraphQL server and `gql` subcommand.\n * `otelcol`: Add Nginx receiver.\n * `otelcol.exporter.prometheus`: Convert classic histograms to NHCB.\n * `database_observability`: Various enhancements for MySQL and Postgres.\n * `faro.receiver`: Support gzip-compressed request bodies.\n * Update to Beyla 3.9.8.\n * Bug Fixes\n * security: Update `x/crypto`, `x/net`, `jackc/pgx/v5`, and `obi`.\n * cluster: Fix nodes failing to join the cluster with TLS enabled.\n * `loki.process`: Fix potential deadlocks and limit stage shutdown.\n * Update Go to v1.26.4.\n- Version 1.16.3:\n * cluster: Fix nodes failing to join the cluster when TLS is enabled.\n- Version 1.16.2:\n * `loki.process`: No longer mutate rules in `stage.truncate` causing every config update to reload pipeline when this\n stage is used.\n * `loki.process`: Potential deadlock on update with stage and receiver changes.\n * `otelcol.exporter.awss3`: Add missing `unique_key_func_name` attribute.\n- Remove dependency on vulnerable `yaml` library.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-1172",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_21251-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1260981",
"url": "https://bugzilla.suse.com/1260981"
},
{
"category": "self",
"summary": "SUSE Bug 1265440",
"url": "https://bugzilla.suse.com/1265440"
},
{
"category": "self",
"summary": "SUSE Bug 1266196",
"url": "https://bugzilla.suse.com/1266196"
},
{
"category": "self",
"summary": "SUSE Bug 1266654",
"url": "https://bugzilla.suse.com/1266654"
},
{
"category": "self",
"summary": "SUSE Bug 1267185",
"url": "https://bugzilla.suse.com/1267185"
},
{
"category": "self",
"summary": "SUSE Bug 1267333",
"url": "https://bugzilla.suse.com/1267333"
},
{
"category": "self",
"summary": "SUSE Bug 1267481",
"url": "https://bugzilla.suse.com/1267481"
},
{
"category": "self",
"summary": "SUSE Bug 1267485",
"url": "https://bugzilla.suse.com/1267485"
},
{
"category": "self",
"summary": "SUSE Bug 1267488",
"url": "https://bugzilla.suse.com/1267488"
},
{
"category": "self",
"summary": "SUSE Bug 1267489",
"url": "https://bugzilla.suse.com/1267489"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25681 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27136 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33532 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41889 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42502 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42506 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44740 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45678 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45682 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45685 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45686 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-07-07T17:00:29Z",
"generator": {
"date": "2026-07-07T17:00:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:21251-1",
"initial_release_date": "2026-07-07T17:00:29Z",
"revision_history": [
{
"date": "2026-07-07T17:00:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.17.0-160000.1.1.aarch64",
"product": {
"name": "alloy-1.17.0-160000.1.1.aarch64",
"product_id": "alloy-1.17.0-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.17.0-160000.1.1.ppc64le",
"product": {
"name": "alloy-1.17.0-160000.1.1.ppc64le",
"product_id": "alloy-1.17.0-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.17.0-160000.1.1.s390x",
"product": {
"name": "alloy-1.17.0-160000.1.1.s390x",
"product_id": "alloy-1.17.0-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.17.0-160000.1.1.x86_64",
"product": {
"name": "alloy-1.17.0-160000.1.1.x86_64",
"product_id": "alloy-1.17.0-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.17.0-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64"
},
"product_reference": "alloy-1.17.0-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.17.0-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.17.0-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.17.0-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x"
},
"product_reference": "alloy-1.17.0-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.17.0-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
},
"product_reference": "alloy-1.17.0-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25680"
}
],
"notes": [
{
"category": "general",
"text": "Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25680",
"url": "https://www.suse.com/security/cve/CVE-2026-25680"
},
{
"category": "external",
"summary": "SUSE Bug 1267044 for CVE-2026-25680",
"url": "https://bugzilla.suse.com/1267044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-25680"
},
{
"cve": "CVE-2026-25681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25681"
}
],
"notes": [
{
"category": "general",
"text": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25681",
"url": "https://www.suse.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "SUSE Bug 1267044 for CVE-2026-25681",
"url": "https://bugzilla.suse.com/1267044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-25681"
},
{
"cve": "CVE-2026-27136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27136"
}
],
"notes": [
{
"category": "general",
"text": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27136",
"url": "https://www.suse.com/security/cve/CVE-2026-27136"
},
{
"category": "external",
"summary": "SUSE Bug 1267044 for CVE-2026-27136",
"url": "https://bugzilla.suse.com/1267044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-27136"
},
{
"cve": "CVE-2026-33532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33532"
}
],
"notes": [
{
"category": "general",
"text": "`yaml` is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of `yaml` on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a depth bound. An attacker who can supply YAML for parsing can trigger a `RangeError: Maximum call stack size exceeded` with a small payload (~2-10 KB). The `RangeError` is not a `YAMLParseError`, so applications that only catch YAML-specific errors will encounter an unexpected exception type. Depending on the host application\u0027s exception handling, this can fail requests or terminate the Node.js process. Flow sequences allow deep nesting with minimal bytes (2 bytes per level: one `[` and one `]`). On the default Node.js stack, approximately 1,000-5,000 levels of nesting (2-10 KB input) exhaust the call stack. The exact threshold is environment-dependent (Node.js version, stack size, call stack depth at invocation). Note: the library\u0027s `Parser` (CST phase) uses a stack-based iterative approach and is not affected. Only the compose/resolve phase uses actual call-stack recursion. All three public parsing APIs are affected: `YAML.parse()`, `YAML.parseDocument()`, and `YAML.parseAllDocuments()`. Versions 1.10.3 and 2.8.3 contain a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33532",
"url": "https://www.suse.com/security/cve/CVE-2026-33532"
},
{
"category": "external",
"summary": "SUSE Bug 1260978 for CVE-2026-33532",
"url": "https://bugzilla.suse.com/1260978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "moderate"
}
],
"title": "CVE-2026-33532"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-41889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41889"
}
],
"notes": [
{
"category": "general",
"text": "pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placeholder outside of a string literal, and the value of that placeholder is controllable by the attacker. This issue has been patched in version 5.9.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41889",
"url": "https://www.suse.com/security/cve/CVE-2026-41889"
},
{
"category": "external",
"summary": "SUSE Bug 1265433 for CVE-2026-41889",
"url": "https://bugzilla.suse.com/1265433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-41889"
},
{
"cve": "CVE-2026-42502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42502"
}
],
"notes": [
{
"category": "general",
"text": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42502",
"url": "https://www.suse.com/security/cve/CVE-2026-42502"
},
{
"category": "external",
"summary": "SUSE Bug 1267044 for CVE-2026-42502",
"url": "https://bugzilla.suse.com/1267044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-42502"
},
{
"cve": "CVE-2026-42506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42506"
}
],
"notes": [
{
"category": "general",
"text": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42506",
"url": "https://www.suse.com/security/cve/CVE-2026-42506"
},
{
"category": "external",
"summary": "SUSE Bug 1267044 for CVE-2026-42506",
"url": "https://bugzilla.suse.com/1267044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-42506"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-44740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44740"
}
],
"notes": [
{
"category": "general",
"text": "Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise from insufficient validation and missing safety mechanisms such as cycle detection, recursion limits, or defensive handling of unexpected states when processing untrusted repository data and filesystem structures. This issue has been patched in versions 5.9.0 and 6.0.0-alpha.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44740",
"url": "https://www.suse.com/security/cve/CVE-2026-44740"
},
{
"category": "external",
"summary": "SUSE Bug 1267264 for CVE-2026-44740",
"url": "https://bugzilla.suse.com/1267264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-44740"
},
{
"cve": "CVE-2026-45678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45678"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. This issue has been patched in version 0.9.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45678",
"url": "https://www.suse.com/security/cve/CVE-2026-45678"
},
{
"category": "external",
"summary": "SUSE Bug 1267481 for CVE-2026-45678",
"url": "https://bugzilla.suse.com/1267481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-45678"
},
{
"cve": "CVE-2026-45682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45682"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running instrumented JVMs, repeated connection churn can therefore grow the queue without bound and exhaust heap memory. This issue has been patched in version 0.9.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45682",
"url": "https://www.suse.com/security/cve/CVE-2026-45682"
},
{
"category": "external",
"summary": "SUSE Bug 1267485 for CVE-2026-45682",
"url": "https://bugzilla.suse.com/1267485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-45682"
},
{
"cve": "CVE-2026-45685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45685"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetry agent and cause a denial of service. The parser operates on raw attacker-controlled network payloads before the input is fully validated, so a single crafted message can terminate telemetry collection for the affected process or node. This issue has been patched in version 0.9.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45685",
"url": "https://www.suse.com/security/cve/CVE-2026-45685"
},
{
"category": "external",
"summary": "SUSE Bug 1267488 for CVE-2026-45685",
"url": "https://bugzilla.suse.com/1267488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-45685"
},
{
"cve": "CVE-2026-45686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45686"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI\u0027s memcached text protocol parser can crash the OBI process and cause denial of service. When parsing memcached storage commands such as set, add, replace, append, prepend, or cas, OBI accepts extremely large \u003cbytes\u003e values and adds the payload delimiter length without checking for overflow. A crafted request with \u003cbytes\u003e set to math.MaxInt or math.MaxInt-1 causes the computed payload length to wrap negative and triggers a runtime panic in LargeBufferReader.Peek. This issue has been patched in version 0.9.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45686",
"url": "https://www.suse.com/security/cve/CVE-2026-45686"
},
{
"category": "external",
"summary": "SUSE Bug 1267489 for CVE-2026-45686",
"url": "https://bugzilla.suse.com/1267489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-45686"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.17.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T17:00:29Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
RHSA-2026:26546
Vulnerability from csaf_redhat - Published: 2026-06-17 10:25 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26546",
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-498_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-498_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26546.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.8 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-10T16:26:18+00:00",
"generator": {
"date": "2026-07-10T16:26:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:26546",
"initial_release_date": "2026-06-17T10:25:30+00:00",
"revision_history": [
{
"date": "2026-06-17T10:25:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Afa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ac0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686446"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ac2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686446"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aa34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Abd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ae1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Af54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686446"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ae7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aa493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aa252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ae9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686446"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:25:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6972f0c1cbb441f82433e265b3da8cdd8dc6856c56424585ee4ced3fe5c09ae1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1f55e04796f54e86b86ed462745a8fcfb629ec9b31dbc449bc25b61eeaee4be6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:886c4e82016a653f6119c8ba3a58c0ee9884264542d38b7af5ef471d41e381ab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9842887f2f6f756fca35bbb44e43e5d9a108fd59e8b6531edac5d33713d40681_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2fe9ce9a0255754b9a7fa37a4439a04d5175ede645624fc4d488e5f741f8fb42_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4beab5787841b5c1a31d5cdf557ed6f9255bbd9567bcbcd95bfb17fe8ceec7c4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3b304d8e2517477bfe5e3bf85410c0a2cdb7cfffe257c89db2eec8f709868a8c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b7915e8d8ab1145e5c8b009bffb9c3665564abdadcf45f8409dbd8ebd61b3af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9331c93bce3806edbbdecda4efc95bb09ed9ee3d49639a5555cb98aeccd0a9e3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e0907670b2030ac41cffc9310f83cc4b3c25a3534c9c0f2a71a228772e8869ea_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c1b9220609c9a48673e8a6b028cccdcc92fdb68c8ab3e79286ed9eae21e9dec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:20bc93f257c8c7dba0f25cd74ebb6589c056af0dfa7c28acd7ac5f54e14e4f71_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f54e3fc756b212b35c21eebe31be0e60b85f4a6f74cc1b01f8be5e38178987f6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:26547
Vulnerability from csaf_redhat - Published: 2026-06-17 10:26 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26547",
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4104_release-notes-410",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4104_release-notes-410"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26547.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.10.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-10T16:26:18+00:00",
"generator": {
"date": "2026-07-10T16:26:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:26547",
"initial_release_date": "2026-06-17T10:26:32+00:00",
"revision_history": [
{
"date": "2026-06-17T10:26:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Acc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3Ab4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1778746644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ad96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Acefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ace747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Aa6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686458"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aaa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Afe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1778746644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686458"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ae077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Af1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Abe1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686458"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Abc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ab5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1781686458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Aac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1781686458"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T10:26:32+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:3120b9da663ad13dd25bf0a442047aa6e091818ac92e0dfbf0466790aff3a815_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:830fb20771985e278a3f1596ad01dde699ac301fd66a513b3c5d48033ef87677_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa0f7291442d421a05a630f4f1353dd771efee18804378e99bba87bf53807898_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cc671d793496771a5ab3573787848947b8b38cbf0de653c48d1a59e38d6f540b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1fa196c12883f368c939e73e29ef164007bea29bc862d1f62ecbd4e88a8e02ee_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2265ec2ee6b2d7ad99ead7b0027340f943967fa2ad209f5ad047980b50e2c606_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:701e03be8af9dcf8c225aedcadd16bc0659ffe23ec144e392d8e5426574aa981_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:9b9d13c05147f584ed0f7a011b62bfd7fdc09922cccb4905fd42c135375a7940_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d96aad39e2545948e5aee4c81335acf99a2390502d2f1a9d363445536d46563b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:35da98e6493df539685c846a3cb691efec2fffa7f103e8885ab81304d06188b2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5288127fdadf1ea1b50a33409d904d92d947d4c05ff04702bcd133eb0725fad2_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c92440378491376cc51bfc0b90dd1eff8a760e541c9b8ffad03814b31e78bc82_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ff8305c16f5d5b2ed33f31b683f567d2b1e16d030c71e487486f771081e27287_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4f8e6007a0cb0e06bc99b2e4eec712703529b54551c25321ff8a30c069a9fb05_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6274fff88b63efe2ab43679badba678e04bfbeff002196b181ef6dbcf6a64033_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:709dcc08b20a072e102b9af927b8dc8dc1e5a18dd32a3e021ed68f35ecac9eb4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bc44bfd54740ca3c1c9afdd476a75778f17a4cb236b7a94db1fb0579d56a188a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:333578fbd2691ef38ba8f3f327edf3a771ece02b8e240d4c28f5ee795b634314_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a6036900919f5d523e448c2379304c808b2bb9d697cddc7b617c878cec3ce6ac_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac01d8710157643b872158c7a6b9a50f24d075ad98d49498eb4680b0c159fb28_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be1c9041f0ad659f76ea288e0c6cbb6b4e5e01de3f85b4dfc4d49db36bb52fbd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:018e59ee1e36b1dafb6ceab29d35a0655167bfed5772a8491cd301ae63cc8428_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:31c9ebbac8f00d6e0dccc1444a55792e1216999a674433e34bd2c95e189b5db2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7aa6fbf776029c9c02b99cafc968891607d0fd94f42210c61497aa7d2c0a86ae_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ce747865996d9ac5f46aab9d9d59c059ff30b59ae95fe8628bfd286de25c3253_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:36105
Vulnerability from csaf_redhat - Published: 2026-07-07 07:55 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64 | — |
Workaround
|
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 8 integrates components for the general multicluster engine\nfor Kubernetes 2.6.12 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36105",
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36105.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.6.12",
"tracking": {
"current_release_date": "2026-07-10T16:26:19+00:00",
"generator": {
"date": "2026-07-10T16:26:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36105",
"initial_release_date": "2026-07-07T07:55:03+00:00",
"revision_history": [
{
"date": "2026-07-07T07:55:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-07T07:55:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.6",
"product": {
"name": "multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256%3Ab1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=1783407900"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel8@sha256%3A15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8\u0026tag=1783407939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1783332008"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256%3A26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=1783407900"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel8@sha256%3A2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8\u0026tag=1783407939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1783332008"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256%3A99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=1783407900"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel8@sha256%3A13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8\u0026tag=1783407939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1783332008"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256%3A6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=1783407900"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel8@sha256%3A887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8\u0026tag=1783407939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3Aa7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1783332008"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T07:55:03+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T07:55:03+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T07:55:03+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:13af28ec463e2877e106c0f36881e26033532a7681a282de6b988d2cddf74f7d_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:15066fae8152efb67cd9f839af234cb21d1f88e3d75c0419c0563c5d0f1dd692_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:2cbf7b3ece78f963ffb9fc60b2ecf4c4440361750d4d3964142ef8bdac527379_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel8@sha256:887035814ff7e6e0ff72019eed37277aa535389de65971fd6a4fac3acd32a84c_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:26ba753fd18a3d966755a548331401e68abc2791a077ad370f2a955a32d7677f_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:6e76d785acd383c4123195401363e1c4a9ea00fba18a25bc4ef98f33f29c5083_s390x",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:99978f203298eee00bf5eb951506630115d1e9afae26469c98ff6cd271a4d1fe_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-installer-rhel8@sha256:b1eb0d2804359d83c18c8eec4dc663001b7f89e954a31fd2c47053c27cb4437e_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:26ab409373069765e56e7b056702ac3d5e527191da6937e547fe4ab934fac1e4_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:7d2d22ecbe79b676d7e08eb9675645212f06b1975bf6b320a53f2c83913e79dd_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9c57a27b244c777a94846abc3c7738efe972ae1d39453bc6363a417a6587f1d9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:a7ed7fb0b19759c868ff4c6453753b2d80596802c182b5da76e6ff706fc18551_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
RHSA-2026:36167
Vulnerability from csaf_redhat - Published: 2026-07-07 08:06 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x | — |
Vendor Fix
fix
Workaround
|
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.6.12 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.6.12 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36167",
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36167.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.6.12",
"tracking": {
"current_release_date": "2026-07-10T16:26:20+00:00",
"generator": {
"date": "2026-07-10T16:26:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36167",
"initial_release_date": "2026-07-07T08:06:49+00:00",
"revision_history": [
{
"date": "2026-07-07T08:06:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-07T08:06:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.6",
"product": {
"name": "multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1783333268"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Ad9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1783333268"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1783333268"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Aea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1783333268"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64 as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x as a component of multicluster engine for Kubernetes 2.6",
"product_id": "multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T08:06:49+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T08:06:49+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T08:06:49+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.11.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:0dea3f88818977c2392172f46f00c2298360811d7f1d8a8878a947ee986f68e9_amd64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:88a25f8f2cc5c935b8b6f7ffda5beac8d58e3370051cb704dcba9f7fc2c446c4_ppc64le",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d9d180f6958fbaf250b99cb10d3c955dde07037c01fc39936b74e9cd2484d486_arm64",
"multicluster engine for Kubernetes 2.6:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:ea5ac20c57933b17e55ae6e629ec272f385c3c61d12d0cf91678b6bda12396c8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
RHSA-2026:36207
Vulnerability from csaf_redhat - Published: 2026-07-07 11:09 - Updated: 2026-07-10 16:26A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/html. When arbitrary HTML is parsed and then rendered, it can result in an unexpected HTML tree. This allows an attacker to bypass HTML sanitization mechanisms, leading to Cross-Site Scripting (XSS) attacks in applications. Such attacks can result in information disclosure or arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system's object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Workaround
|
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36207",
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27136",
"url": "https://access.redhat.com/security/cve/CVE-2026-27136"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42264",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9165",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.11/html-single/release_notes/index#about-this-release-4111_release-notes-411",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.11/html-single/release_notes/index#about-this-release-4111_release-notes-411"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36207.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.11.1 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-10T16:26:29+00:00",
"generator": {
"date": "2026-07-10T16:26:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36207",
"initial_release_date": "2026-07-07T11:09:24+00:00",
"revision_history": [
{
"date": "2026-07-07T11:09:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-07T11:09:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.11::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel9@sha256%3Aa67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel9@sha256%3A0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9\u0026tag=1782122242"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel9@sha256%3A2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9\u0026tag=1782109225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel9@sha256%3A5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel9-operator@sha256%3Ab9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel9@sha256%3A93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel9@sha256%3A8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel9@sha256%3A39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel9@sha256%3A1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel9@sha256%3A207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel9@sha256%3Aee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel9@sha256%3A4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9\u0026tag=1783352589"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel9@sha256%3A70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel9@sha256%3Abc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9\u0026tag=1782122242"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel9@sha256%3A1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9\u0026tag=1782109225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel9@sha256%3A41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel9-operator@sha256%3A91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel9@sha256%3Ad50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel9@sha256%3A276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel9@sha256%3Aab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel9@sha256%3A3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel9@sha256%3A3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel9@sha256%3Ab26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel9@sha256%3A06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9\u0026tag=1783352589"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel9@sha256%3A93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel9@sha256%3Af5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9\u0026tag=1782122242"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel9@sha256%3A55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel9-operator@sha256%3A307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel9@sha256%3Aa8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel9@sha256%3A5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel9@sha256%3A7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel9@sha256%3A58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel9@sha256%3A242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel9@sha256%3A0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel9@sha256%3A175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9\u0026tag=1783352589"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel9@sha256%3Afd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel9@sha256%3A063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9\u0026tag=1782122242"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel9@sha256%3Ad785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel9-operator@sha256%3Afbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel9@sha256%3Aeab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel9@sha256%3Abf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel9@sha256%3A69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel9@sha256%3A973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel9@sha256%3A9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9\u0026tag=1782925137"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel9@sha256%3Ae7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9\u0026tag=1783352589"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel9@sha256%3A7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9\u0026tag=1783352589"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.11",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.11"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Clasmeier"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-9165",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-05-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue affecting RHACS Central. This flaw allows an authenticated user to reduce availability of the Central management component. Red Hat is not aware of malicious exploitation of this issue outside of coordinated testing. Updates addressing this issue will be released according to the RHACS support lifecycle. Refer to the associated errata when available for affected versions and update instructions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "RHBZ#2480505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165"
}
],
"release_date": "2026-07-06T08:38:30.568000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "There is no complete mitigation other than installing the update once\navailable.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service"
},
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-27136",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:00:56.609820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480757"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. When arbitrary HTML is parsed and then rendered, it can result in an unexpected HTML tree. This allows an attacker to bypass HTML sanitization mechanisms, leading to Cross-Site Scripting (XSS) attacks in applications. Such attacks can result in information disclosure or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in `golang.org/x/net/html` is rated as Important. It allows for Cross-Site Scripting (XSS) attacks by enabling an attacker to bypass HTML sanitization mechanisms when arbitrary HTML is parsed and rendered. This can lead to information disclosure or arbitrary code execution in affected applications. Exploitation typically requires user interaction, where a user processes specially crafted malicious HTML content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27136"
},
{
"category": "external",
"summary": "RHBZ#2480757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27136",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27136"
},
{
"category": "external",
"summary": "https://go.dev/cl/781685",
"url": "https://go.dev/cl/781685"
},
{
"category": "external",
"summary": "https://go.dev/issue/79575",
"url": "https://go.dev/issue/79575"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5030",
"url": "https://pkg.go.dev/vuln/GO-2026-5030"
}
],
"release_date": "2026-05-22T15:01:22.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42264",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-05-08T04:02:21.039378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system\u0027s object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Prototype pollution allows information disclosure and request manipulation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important prototype pollution flaw in Axios could result in information disclosure and network request manipulation. The vulnerability occurs when a co-located dependency in the application environment successfully pollutes the JavaScript `Object.prototype`. Under these conditions, Axios may unknowingly incorporate the manipulated properties into its outbound HTTP requests, potentially compromising data confidentiality and integrity. Exploitation is contingent on a prior successful prototype pollution attack from another component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "RHBZ#2467927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42264",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa",
"url": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10779",
"url": "https://github.com/axios/axios/pull/10779"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.2",
"url": "https://github.com/axios/axios/releases/tag/v1.15.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj",
"url": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj"
}
],
"release_date": "2026-05-08T03:20:24.248000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Prototype pollution allows information disclosure and request manipulation"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T11:09:24+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:70dbc4b2fd02c6006d01fd31277c79e1152a04e678316853cc9650004a88c8f6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:93e15662b963e2da7c1ca4ad5c47df2a49d6df5857c9cb44157c88a1eb14c99c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:a67c68062eb3fe78067524fbef175c6f4dcb2876138fbafc17c8f5aef930ffb5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel9@sha256:fd0e68ad1f3d790efc1a7637a63668df741a3195d86260291ca7ff85fe72bed2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:063b28090fce858259efe584b09d7329b766ae461926e8d78f6fac1cf6738055_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:0964f3f379136662c8c3817b2a7d3b787808fab2b742cd7ea53d5f6c2248d1c9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:bc05850aa1cefea5105198c9af51c64f2b255df1c1ccbb30f3c12a2d4c549f1b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel9@sha256:f5a7d92dc9cb85b9a4d70d871ab1748e80435e9ddba74ba3818e92ec57f7cf78_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:1ba125d01f712a5fb85db400a0cd9d2240c36529d7d0c8e925acfd3c45845bec_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel9@sha256:2801fe77997c4325f9d1e154eae8c63a4fc808e2c31c773a60c47d63268b1bbc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:41fd9a9bc849f2c7c6439532bd537c34384b88be30b37629c5e271e0e4be7db4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:55d7e178435c881a57a88aa6747cd6dedd3c3a512014d0509919dceef13b2946_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:5fef4993574a20a48a9f93e5f07967d13b7b26e8f7e83e2222ea5bbe1f500409_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel9@sha256:d785df86cfd97ff76e6d9426b247543faa91efaeb950f6b2e6b97f9e67624043_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:2fe25a8ac9612f29a625969bb25d24938abb298e9a9e1e79fb3aa34c6a0e5f76_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:307402d2c8c46b74c1a855dad9fdd9f4013c057256513b4d1d58ac980ed8d2e0_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:91710d1c3f67e096b682cb6fa118c70d40bbbc36e3293aa3bea9890775d70236_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:b9d25811da46af4766d41e7543cc54a2820b2b9a4c190585e34166620cf070f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-rhel9-operator@sha256:fbd34cb7d74c9e699337157c4c26bc714b541e00645948cccedb5e7afb258003_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:93dc86f2358079474a9f5ce67e0e6430c2cdbe8a01155be8020165fce2e73f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:a8c0e823eb62db8ff39de33d6401670e2f65cac8e640b64a9ffeae8ecc0c12bc_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:d50e48a12a217855c373b865df663f50355e4f76fba33de65e50bdc333112c4a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel9@sha256:eab9c2e2d1ea614bf898c0cba75223f7960a61b7d2315815d6410e3c4f62d7f8_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:39470e0a40255d8d0bcfb6a3e82d77bfd57fdbff5452179f69eed7cff417a103_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:69531d80a6af41db1c28f54a8acfea85594fca34c754c8049e75b331e998a973_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:7a6b045c058be14ab95043bc3c6680bba5ab54a060ae45dbc7e6e8896fb093d8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel9@sha256:ab57133805270163a3cb99e972b183e8613a6fbfcc943eae5b542d923d572244_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:1c03e0ce9e3b48c8c0f2a9c65dfe3d9b344cd82ac776dc210ef23b91745b0682_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:3783cfecf52a9c532c4e64ed93078581c8ca200efda661efc63ae1fac4391d57_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:58a181deb194766402e32ef43375e2e51208b229c8c97674bda5a6fcc768b8fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel9@sha256:973cb71559d8d346c3e0840a6865afda1de53017dcd9f35ee0a56a1606f3149b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:276fbe3c102abbed5d2cc29b1dbf30456ab5d647fe7f157f18180cdd5ab0b431_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:5fb0bea0b4f43dce5201a986eb9bcd9aa9c2859e3d762f265e4d000a4c93474f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:8efb0787d02e6700bee64b83c251ee11f4cdc4a04eb770cea3ba34f3d9ec94b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel9@sha256:bf53175b6a2e11cf7f5599b65fcb4e56e4037ad5b6254c9e4fa070080aea66fc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:207a6c112b395d28579d8318d95bec18942834476574e07889ae734a4df1c4b5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:242afe8097041307445f2e9f4b8d3d674aa4ff91c6ffe884ef170b356a09fe68_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:3e0bc79f2f14f0bf95c5c5f08a7838e8c3df3df5da52182f4807b844dda8638e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel9@sha256:9823d42834e5698b968385a7ef7d5a2a2749c441d8122a895bf53d3681df6a7c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:06be3bd07a7bf44fb19a93869f6286fbdc7d8b8e7b8507e3c8ce9f8af67574f9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:175bde7c228af62b6f04799bc35a01d525a115d7decb73b2b5f90a3c8cf10a9c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:4d800957aef55f44442be2a95bd85e3098587c6b0f7455b50264993cd4a2154b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel9@sha256:7fb3f1bf0b641c2f30493fb8e10e90625f5fd30f77ed3b7dec2a98012d54bbab_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:0a23d3fe6f4f54358bef552a62b3d098a97d39b4f1c0b0c0c6d3588c85276417_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:b26fb5031c85204e1b9174c49452146d4528560de554b70e2e97eebccd610fb8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:e7d01fcd2995b921946a7842faec251ff4434bb9cda3b77e855339f2d9241471_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.11:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel9@sha256:ee31bd693543f37461982b1bbcdb783e438c3d1021875829bd24974a1d2c0ea6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.